Commit Graph

30558 Commits

Author SHA1 Message Date
Carlton Gibson 63869ab1f1 Added CVE-2021-45115, CVE-2021-45116, and CVE-2021-45452 to security archive. 2022-01-04 11:30:11 +01:00
Carlton Gibson f38c66b555 Added stub release notes for Django 4.0.2. 2022-01-04 11:10:53 +01:00
Carlton Gibson 155e06a50b Corrected merge error in release notes. 2022-01-04 10:50:23 +01:00
Florian Apolloner 6d343d01c5 Fixed CVE-2021-45452 -- Fixed potential path traversal in storage subsystem.
Thanks to Dennis Brinkrolf for the report.
2022-01-04 10:04:12 +01:00
Florian Apolloner 761f449e0d Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:03:56 +01:00
Florian Apolloner 968a3d01fa Fixed CVE-2021-45115 -- Prevented DoS vector in UserAttributeSimilarityValidator.
Thanks Chris Bailey for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:02:05 +01:00
Luke Plant ccafad2e42
Avoided suggestion of plain text database password in sessions topic. 2022-01-04 06:47:24 +01:00
David Wobrock 482ee63b6f
Fixed #33402 -- Optimized multiple AlterFooTogether operations. 2022-01-04 06:24:03 +01:00
Keryn Knight 0ed2919814 Fixed #33406 -- Avoided creation of MaxLengthValidator(None) when resolving Value.output_field for strings.
This brings the behaviour in line with Field subclasses which append to
the validators within __init__(), like BinaryField, and prevents the
creation of a validator which incorrectly throws a TypeError, if it
were used.
2022-01-04 05:51:00 +01:00
Keryn Knight b894199eb0 Refs #33406 -- Added test for not creating broken validators when resolving Value.output_field. 2022-01-04 05:51:00 +01:00
Mariusz Felisiak 30613d6a74
Fixed #33408 -- Fixed adding nullable unique fields on SQLite.
Regression in 2f73e5406d.

Thanks Alan Crosswell for the report.
2022-01-04 05:50:00 +01:00
Jacob Walls 0ab58c1209 Refs #29026 -- Allowed customizing InteractiveMigrationQuestioner's prompt destination.
Previously, the questioner did not obey the value of stdout provided
to the command.
2022-01-03 12:30:51 +01:00
Jacob Walls 03a6488116
Refs #31026 -- Changed @jinja2_tests imports to be relative. 2022-01-03 06:11:30 +01:00
Mariusz Felisiak 4400d8568a
Fixed #33391 -- Clarified Aggregate.empty_result_set_value docs. 2021-12-31 06:49:10 +01:00
Mariusz Felisiak a21a63cc28
Refs #27753 -- Removed unused django.utils.text._replace_entity() and _entity_re.
Unused since 157ab32f34.
2021-12-30 13:19:25 +01:00
Mariusz Felisiak 826701232c
Removed obsolete Oracle's test_client_encoding() test.
encoding and nencoding parameters were deprecated in cx_Oracle 8.2.
Moreover, encoding is handled internally between cx_Oracle and Oracle
Database and there is no need to test it.
2021-12-30 12:42:37 +01:00
mangelozzi eb901681ab
Improved @display(empty_value) example in ModelAdmin.empty_value_display docs. 2021-12-30 11:39:04 +01:00
Jacob Walls 6174814dbe Fixed #27936 -- Rewrote spanning multi-valued relationships docs. 2021-12-30 08:38:04 +01:00
Mariusz Felisiak 1283458baa Added default values to Entry's fields in making queries docs.
This makes it easier to create a data in examples.
2021-12-30 08:38:04 +01:00
Shubh1815 aecfc40c88 Fixed #33300 -- Ensured hidden elements are not displayed on small screens. 2021-12-30 07:57:36 +01:00
Jacob Walls 92412aa94c Fixed #23273 -- Avoided creation of django_migrations table when there are no migrations to apply. 2021-12-30 06:36:55 +01:00
Mariusz Felisiak 361bb8f786
Refs #26872 -- Fixed wrapping of long choices in ModelAdmin.list_filter.
Regression in 269a767146.
2021-12-29 10:57:23 +01:00
Keryn Knight d5f2d5d604
Fixed wrapping of long values in technical 500 debug page. 2021-12-29 07:59:45 +01:00
David Smith 950d697b95
Refs #31617 -- Removed redundant title text in filter.html.
Unnecessary since 269a767146.

Title text should provide advisory information and should not be the
same or very similar to the element text.
2021-12-28 13:42:35 +01:00
Sergey Fursov feeb0685c6 Updated example of YAML serialization format in docs. 2021-12-28 12:44:41 +01:00
Mariusz Felisiak ad6bb20557
Avoided counting attributes and methods in docs. 2021-12-28 12:36:57 +01:00
Carlton Gibson b13d920b7b Added stub release notes for 4.0.1, 3.2.11, and 2.2.26 releases. 2021-12-28 08:47:33 +01:00
Mariusz Felisiak 2d07e1aaeb
Refs #22983 -- Added tests for squashing migrations with functions from migration files.
Follow up to ebb13bbd88.
2021-12-27 18:49:19 +01:00
Hannes Ljungberg 59a66f0512 Refs #33342 -- Deprecated ExclusionConstraint.opclasses. 2021-12-27 08:55:18 +01:00
Tim Graham ff225fac1d
Refs #29517 -- Removed obsolete PositiveIntegerField test skip. 2021-12-27 06:16:59 +01:00
Hannes Ljungberg 0e656c02fe Fixed #33342 -- Added support for using OpClass() in exclusion constraints. 2021-12-24 11:39:00 +01:00
David Smith a0d43a7a6e
Refs #31617 -- Changed dark mode primary-fg to give higher contrast to secondary. 2021-12-23 21:10:25 +01:00
Adam Johnson 5f6a727a6a Refs #33355 -- Constructed SQLite list aggregate types once. 2021-12-23 12:08:33 +01:00
Adam Johnson ec7554f1c2 Refs #33355 -- Removed @none_guard from SQLite functions.
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-23 12:00:29 +01:00
Adam Johnson deec15a9a6 Refs #33355 -- Made trunc functions raise ValueError on invalid lookups on SQLite.
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-23 11:47:13 +01:00
Adam Johnson 2d991ff661 Refs #33355 -- Moved SQLite functions to separate module.
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-23 11:47:08 +01:00
David cb82ded4b2 Refs #32339 -- Added rendering tests for forms with CheckboxSelectMultiple and SelectMultiple widgets. 2021-12-23 07:38:05 +01:00
Adam Johnson fa4b2c15f2 Refs #33355 -- Optimized LPad() database function on SQLite.
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-23 06:56:30 +01:00
Mariusz Felisiak ca04659b4b
Refs #32355 -- Bumped required psycopg2 version to 2.8.4.
psycopg2 2.8.4 is the first release to support Python 3.8.
2021-12-22 20:32:55 +01:00
Adam Johnson c4328c2f4e Refs #33355 -- Optimized Trunc() on SQLite by using f-strings.
Co-Authored-By: Nick Pope <nick@nickpope.me.uk>
2021-12-22 11:47:55 +01:00
Adam Johnson a8fa3e5cd7 Refs #33355 -- Added missing tests for database functions and expression on null values. 2021-12-22 11:46:18 +01:00
David Smith 78f062f63e Refs #31026 -- Updated TemplatesSetting docs to refer to forms. 2021-12-22 08:03:47 +01:00
Adam Johnson fde425051c
Added TemplatesSetting to list of built-in renderers in FORM_RENDERER docs. 2021-12-22 07:59:24 +01:00
Brenton Partridge 19fb838803 Fixed #32600 -- Fixed Geometry collections and Polygon segmentation fault on macOS ARM64. 2021-12-21 13:00:09 +01:00
Baptiste Mispelon e95e6425ac Refs #24121 -- Added __repr__() to BaseFormSet. 2021-12-21 12:06:05 +01:00
Baptiste Mispelon 61b332499d Used assertRaisesMessage() in test_client_regress.AssertFormErrorTests. 2021-12-21 11:09:45 +01:00
vavanade 6045b1f041
Fixed typo in django/forms/widgets.py. 2021-12-21 09:14:58 +01:00
Adam Johnson 33401cba93
Optimized MiddlewareMixin coroutine check. 2021-12-21 08:41:29 +01:00
Adam Johnson cc752c1c3a
Optimized django.template.autoreload.get_template_directories() a bit. 2021-12-21 08:39:40 +01:00
David Wobrock 72b23c04d8 Fixed #33374 -- Fixed ExpressionWrapper annotations with full queryset. 2021-12-21 06:17:04 +01:00